SIR - The RedIRIS Identity Service

SIR (Servidor de Identidad de RedIRIS) offers a hub that forwards identity data managed by the RedIRIS affiliated institutions to sites where these data can be applied for improving access control, enriching user experience, strengthening the security, and many other service enhancements.

SIR is based on federated identity technologies, so:

Users are identified by the local servers of their institutions, using the procedures defined by them, and without exposing their credentials out of the local realm.

Identity service managers have full control over the identification procedures and the attributes associated with each user.

Each institution autonomously applies the control mechanisms that sees fit in order to offer its users the possibility of making informed decisions on the personal data subject of being exchanged.

RedIRIS provides a secure, dependable and standard connection among institutions and service providers.

Service providers autonomously apply any access control mechanism to the resourcs under their responsibility, according to their policies. It is important to take into account that any organization willing to provide access through SIR can be a service provider, whether they are part of the RedIRIS community (or any other NREN), or not (commercial companies, governmental agencies, etc.).

The current version of SIR uses internally the PAPI v.1 federation protocol and is able to exchange data according to the following protocols: